A data processing apparatus may be able to operate in a secure domain and a less secure domain. When operating in the secure domain, data can be accessed that is not accessible when operating in the less secure domain. This provides a way of isolating potentially sensitive data and code from access by unauthorized persons or processes.
One way of keeping data and code secure is provided by ARM® of Cambridge, UK, with their TrustZone architecture, in which there are secure and non-secure states and an exception instruction is used to transition between the states, the exception handler protecting the security of the secure side. Although this approach provides a high degree of security, considerable software intervention in the form of the software exception handler is required to change security states. This both reduces the performance of the system and increases the amount of effort required to develop an external application program interface (API) for the secure software, as all calls must be proxied through the exception handler.
For small systems such as microcontrollers, it may be more important to achieve a compromise between the level of security and the performance of the system, and so keep the overheads associated with implementing the secure domains reasonably low.